views:

357

answers:

1

I have developed a small tool to upload salary information to the swiss administration and I used WSE 3.0 with success. But now, one of my customers has reported that on his machine, my program crashes with the following stack trace:

WSE032: There was an error loading the microsoft.web.services3 configuration section.
  at Microsoft.Web.Services3.Configuration.WebServicesConfiguration.get_Current()
  at Microsoft.Web.Services3.Configuration.WebServicesConfiguration.get_MessagingConfiguration()
  at Microsoft.Web.Services3.WebServicesClientProtocol..ctor()
  ...

I've tried to figure out what this means, but I must admit that I am a bit lost here. The program has a .exe.config file with the following contents:

<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="microsoft.web.services3" type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
    ...
  </configSections>
  <startup>
    <supportedRuntime version="v2.0.50727"/>
  </startup>
  <microsoft.web.services3>
    <security>
      <x509 allowTestRoot="false" storeLocation="CurrentUser" skiMode="RFC3280"/>
    </security>
  </microsoft.web.services3>
...
</configuration>

Removing the <security> node from the XML above sort of fixes the issue (the WSE032 error vanishes) but this is not a solution in my case, as I need to configure the security this way in order to be able to sign the data I am transmitting later on.

Any idea what could be the issue. Obviously, WSE 3.0 has been installed on the customer's machine, since otherwise, the stack trace would not have shown it in the callers before WSE032 error happens.

A: 

It appears that the customer was executing the program from a drive letter mounted on a share; even though I thought that .NET 3.5 SP1 allowed full trust privilege to EXEs launched from the LocalIntranet_Zone, this seems to be an issue with the loading of the WSE configuration section of the executable.

To fix this, I ran caspol which can be found here:

C:\Windows\Microsoft.NET\Framework\v2.0.50727\caspol.exe

The command line is something along the lines of:

caspol -m -ag LocalIntranet_Zone -url N:\* FullTrust -n "name" -d "description"

for a share mounted on drive letter N:; note that name and description are purely informational.

This command gives all executables found on the drive N: the FullTrust privilege, just as if they were started from a local resource (hard disk drive, for instance).

See How to: Grant Permissions on Folders and Assemblies on MSDN.

Pierre